Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          4K2gowNZZW+itfEgrPI5B5GAmK/P2NGLpYYZeVzcTmw=
Subject key identifier:   F5:B2:D2:7D:7F:28:34:7A:10:2A:A2:B2:BD:35:D6:83:C1:EC:43:5A
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       019CABDA08FC2E47F7D8FB3BF64FDB607F55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          1591
Signing time:             Mon 02 Mar 2026 00:01:58 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:58 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:58 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: ccfq7P9GEhzAzr7lTd/9N9/qdTSxPWghYbJJ6rJISsc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:da:08:fc:2e:47:f7:d8:fb:3b:f6:4f:db:60:7f:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: Mar  2 00:01:58 2026 GMT
            Not After : Mar  3 00:01:58 2026 GMT
        Subject: CN=f5b2d27d7f28347a102aa2b2bd35d683c1ec435a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e5:2f:6e:7a:1e:09:2e:ca:45:51:4b:d9:54:
                    b4:4c:1b:7f:e6:20:fc:0f:17:b6:15:a5:42:00:c0:
                    ba:ff:8e:e2:43:6c:fc:b0:2f:35:c7:c4:b7:cb:16:
                    fd:a7:e9:86:53:4d:07:54:af:c3:f1:47:67:f4:74:
                    8b:5f:a3:38:e5:0b:51:1a:fe:12:b5:71:52:0a:5c:
                    6d:02:b9:b5:41:a8:e4:b6:71:fa:f2:0d:6f:5f:a9:
                    f2:f9:86:e3:51:b0:5f:36:12:d4:ec:14:4a:5b:17:
                    07:77:ba:16:40:17:dd:d9:c9:fe:99:48:ad:25:c8:
                    0f:79:03:44:83:b7:3d:07:63:e8:5a:a0:e3:5a:a7:
                    24:03:6b:af:dc:37:2d:0b:8b:b8:1c:42:5d:ac:cd:
                    97:7f:e9:78:15:33:cc:6b:ef:ab:2a:20:bf:e8:1f:
                    5f:0b:a7:c5:6d:fd:00:35:45:9d:a9:4d:f8:3c:76:
                    7a:28:8f:54:db:4d:6b:91:0a:8c:51:01:59:9c:85:
                    52:cb:2a:59:7c:66:a1:98:98:5f:55:3f:15:10:12:
                    9d:97:32:85:af:88:78:9f:75:1a:34:a5:46:fc:6e:
                    af:9a:93:1f:65:be:87:c3:3e:b4:6d:a6:da:aa:e1:
                    ed:b4:d6:95:48:14:8c:b4:87:e4:ff:40:17:51:8c:
                    7a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:B2:D2:7D:7F:28:34:7A:10:2A:A2:B2:BD:35:D6:83:C1:EC:43:5A
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:84:a1:27:eb:14:38:a2:0f:8b:99:1f:13:8f:20:f6:75:be:
         be:ff:54:4f:e6:cb:50:5f:f8:a3:13:f2:bb:e4:08:dd:89:d6:
         63:76:b5:dc:05:99:ab:6f:1e:d5:65:24:2b:f4:94:af:83:ae:
         85:80:28:d4:13:ec:1c:8f:4d:90:86:e8:68:4a:83:8e:ea:8d:
         1e:10:3a:e7:9b:b1:40:62:fb:39:a7:19:cd:54:82:36:f9:73:
         c9:67:b8:d5:62:4d:a3:96:0f:98:cd:1d:d2:06:35:51:97:59:
         c8:dd:14:42:4a:f2:17:1a:ed:37:6a:31:70:28:37:c8:ec:34:
         b2:2e:4d:0b:10:79:f0:93:e0:84:c3:e9:9c:41:4f:b1:c3:e0:
         7c:49:92:c6:0f:e6:7d:9c:ed:82:0a:7a:0d:ad:fd:ca:ea:b8:
         d6:af:11:aa:41:94:a7:08:c2:80:52:dd:03:67:8a:b1:f5:5d:
         a0:2e:80:6f:1c:19:c2:5f:2f:32:53:6c:21:81:e3:57:a0:de:
         93:94:e1:08:5c:92:78:67:ee:8c:3c:57:a3:e2:f7:b6:c4:e6:
         d2:6c:b7:b5:e7:a6:03:64:d2:3e:bc:fc:e1:44:0c:bc:a7:75:
         b7:d1:b4:36:fb:cb:94:da:f4:73:6e:be:c9:f3:4d:ea:87:bf:
         f4:37:ee:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2gj8Lkf32Ps79k/bYH9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjYwMzAyMDAwMTU4WhcNMjYwMzAzMDAwMTU4WjAzMTEwLwYDVQQD
EyhmNWIyZDI3ZDdmMjgzNDdhMTAyYWEyYjJiZDM1ZDY4M2MxZWM0MzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuUvbnoeCS7KRVFL2VS0TBt/5iD8
Dxe2FaVCAMC6/47iQ2z8sC81x8S3yxb9p+mGU00HVK/D8Udn9HSLX6M45QtRGv4S
tXFSClxtArm1QajktnH68g1vX6ny+YbjUbBfNhLU7BRKWxcHd7oWQBfd2cn+mUit
JcgPeQNEg7c9B2PoWqDjWqckA2uv3DctC4u4HEJdrM2Xf+l4FTPMa++rKiC/6B9f
C6fFbf0ANUWdqU34PHZ6KI9U201rkQqMUQFZnIVSyypZfGahmJhfVT8VEBKdlzKF
r4h4n3UaNKVG/G6vmpMfZb6Hwz60babaquHttNaVSBSMtIfk/0AXUYx6UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWy0n1/KDR6ECqisr011oPB7ENaMB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABoShJ+sU
OKIPi5kfE48g9nW+vv9UT+bLUF/4oxPyu+QI3YnWY3a13AWZq28e1WUkK/SUr4Ou
hYAo1BPsHI9NkIboaEqDjuqNHhA655uxQGL7OacZzVSCNvlzyWe41WJNo5YPmM0d
0gY1UZdZyN0UQkryFxrtN2oxcCg3yOw0si5NCxB58JPghMPpnEFPscPgfEmSxg/m
fZztggp6Da39yuq41q8RqkGUpwjCgFLdA2eKsfVdoC6AbxwZwl8vMlNsIYHjV6De
k5ThCFySeGfujDxXo+L3tsTm0my3teemA2TSPrz84UQMvKd1t9G0NvvLlNr0c26+
yfNN6oe/9Dfuqw==
-----END CERTIFICATE-----